<?php

class AbstractController extends Zend_Controller_Action
{
	
	protected $user = null;
	
	function preDispatch()
	{
		$roles = Zend_Registry::getInstance()->get('rights')->role;
		$auth = Zend_Auth::getInstance();
		$guestRights = 0;
		$role = $roles->$guestRights;
		
		// check if the user is logged
		if ($auth->hasIdentity()) {
			// user is logged
			$userdata = $auth->getIdentity();
			$this->user = $userdata;
			$userRights = ($userdata->rights);
			if (isset($roles->$userRights)) {
				// check that the user is authorized
				$role = $roles->$userRights;
			}
		}

		// check if the controller/action wanted is allowed to this user
		$controllerName = $this->getRequest()->getControllerName();
		$actionName = $this->getRequest()->getActionName();
		$acl = Zend_Registry::getInstance()->get('acl');
		$isAllowed = false;
		try {
			if ($acl->isAllowed($role, $controllerName . ':' . $actionName)) {
				$isAllowed = true;
			}		
		} catch(Zend_Acl_Exception $e) {
			// resource doesn't existe in list. Nothing to do ($isAllowed is false)
		}
		if (!$isAllowed) {
			HttpUtil::do401();
		}
	}
		
	function indexAction()
    {
		if (!$this->_request->isGet()) {
			HttpUtil::do405();
		}
    }
    
    
    function getAction()
    {
		if (!$this->_request->isGet()) {
			HttpUtil::do405();
		}
    }
    
    function postAction()
    {
		if (!$this->_request->isPost()) {
			HttpUtil::do405();
		}
    }

    
    
    
    function putAction()
    {
		if (!$this->_request->isPost()) {
			HttpUtil::do405();
		}
    }
    
    
    
    function deleteAction()
    {
		if (!$this->_request->isPost()) {
			HttpUtil::do405();
		}
    }

}
